1 to 25 of 388 NIST Jobs in England

information security management, including security operations, architecture, and managing remote offshore teams. Strong knowledge of security frameworks, product development framework (SSDF) & standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, DFARS, CMMC and GDPR. Extensive experience in independently leading security operations, including incident response, threat intelligence, vulnerability management, and security monitoring. Proficiency in security architecture design, Product security More ❯

with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end-to-end security strategies Communication More ❯

Web Application Firewalls, Intrusion Detection/Prevention, Incident Response, and Security Information and Event Management (SIEM), Identify and Access Management (IAM) controls. Implementation experience with compliance frameworks such as NIST, PCI-DSS, ISO/IEC 27001, ISO/IEC 27017, FISC, etc Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement automated compliance controls and continuous More ❯

compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security More ❯

365. Knowledge of information security standards including ISO 27001, PCI-DSS, GDPR. Strong grasp of IT domains including Linux, Windows, networking, containers, IAM, and monitoring. Understanding of ISO27001, ISO27005, NIST security controls, WAF, and network segmentation. Desirable Extras: Experience leading peer reviews and collaborating with cloud solution architects. Ability to positively incorporate feedback into architectural patterns. Certifications Required: Essential: Active More ❯

Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong communication More ❯

transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong communication More ❯

reporting activities. Implement and enforce access control policies aligned with corporate governance. Design and review workflows for joiners, movers, and leavers. Maintain compliance with standards such as ISO 27001, NIST, and GDPR. Apply IAM theory to support zero-trust security models and defence-in-depth strategies. Evaluate complex access scenarios and formulate risk mitigation strategies. Understand integration concepts with federated More ❯

technical solution design, e.g. Zero Trust, least privilege RBAC, Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to More ❯

compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

Expertise & Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations . Familiarity with frameworks: ISO27001, NIST, COBIT, CAF . Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP . Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk More ❯

SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability to work across technical and business teams. Relevant certifications (e.g., CISSP, GIAC, SC-200, Splunk, IBM QRadar Specialist, Chronicle More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯